(ISC) is globally recognized as the largest membership body of and as the Gold Standard for certifying information security professionals. (ISC)has over 66,000 certified members in more than 130 countries. Based in Palm Harbor, Florida, USA, with offices in Washington, D.C., London, Hong Kong and Tokyo, (ISC)issues the Certified Information Systems Security Professional (CISSP) and related concentrations, Certified Secure Software Lifecycle Professional (CSSLP), Certification and Accreditation Professional (CAP), and Systems Security Certified Practitioner (SSCP) credentials to those meeting necessary competency requirements. (ISC's CISSP and related concentrations, CAP, and the SSCP certifications are among the first information technology credentials to meet the stringent requirements of ANSI/ISO/IEC Standard 17024, a global benchmark for assessing and certifying personnel. (ISC) also offers a continuing professional education program, a portfolio of education products and services based upon (ISC's CBK, a compendium of information security topics. More information

Our Website:

Whitepaper: Emerging Cyber Threats Call for a Change in the 'Deliver Now, Fix Later' Culture of Software Development

by ISC2Mar 05, 2014

The demand for new and innovative technology solutions has created a software industry laser focused on speed to market, costs and product functionality. While this may help companies achieve a first-to-market advantage, it has also led to an environment where developers are more focused on meeting unrealistic schedule commitments than producing high-quality software. The result is a "deliver now, fix later" software development culture, where it is acceptable to leave the task of finding and fixing bugs until after the product has been delivered.

Whitepaper: Trust in Cyberspace

by ISC2Dec 16, 2010

We are at war, and a war in which the enemy is not only merely subtle, but in most cases invisible. There is a battle for software security, between those who are trying to defend it all costs, and those who are trying to break your software.

Software security is all about trust � about assurance and confidence that the software will function as it is expected and be robust enough to handle any threats. Find out the threats that impact this trust.� Learn some of the most prevalent threats to software that can impact your level of confidence or trust in it. Educate yourself and understand what characteristics trusted software has.

Whitepaper: Testing Role-based Authorization Controls in Websites

by ISC2Feb 01, 2010

This whitepaper describes a practical approach on how to test Websites for flaws in role-based authorization controls. The first two sections discuss the importance of testing these controls and how this testing is tied to the business that the Website supports. The rest of the paper outlines the general approach and some specific tools and techniques that can be used.

Whitepaper: From the Field: A Hacker's Story

by ISC2Feb 01, 2010

In tough economic times, it is more important than ever to be mindful of common sense security practices. The security posture of your organization can be increased with simple to remember safety tips, inexpensive security technology solutions, and by making your employees aware of rising security threats and ways to mitigate these threats. Risk is inherent to business operations and you can not totally eliminate all types of risks; however, there are some fundamental practices that can be implemented in your organization that will dramatically increase the protection of your organization.